| 查杀引擎 | 查杀结果 | 查杀时间 | 查杀版本 |
|---|---|---|---|
| McAfee | W32/PinkSbot-GN!D6D06BCFF9F3 | 20200801 | 6.0.6.653 |
| Alibaba | TrojanBanker:Win32/Kryptik.33dd4a5e | 20190527 | 0.3.0.5 |
| Baidu | 20190318 | 1.0.0.2 | |
| Avast | Win32:BankerX-gen [Trj] | 20200801 | 18.4.3895.0 |
| Tencent | Malware.Win32.Gencirc.10b9ecf8 | 20200801 | 1.0.0.1 |
| Kingsoft | 20200801 | 2013.8.14.323 | |
| CrowdStrike | win/malicious_confidence_90% (W) | 20190702 | 1.0 |
| host | 172.217.24.14 | |||
| Bkav | W32.AIDetectVM.malware1 |
| MicroWorld-eScan | Trojan.Agent.EQDY |
| McAfee | W32/PinkSbot-GN!D6D06BCFF9F3 |
| Malwarebytes | Backdoor.Qbot |
| VIPRE | Trojan.Win32.Generic!BT |
| SUPERAntiSpyware | Trojan.Agent/Gen-QBot |
| Sangfor | Malware |
| K7AntiVirus | Trojan ( 0056625d1 ) |
| Alibaba | TrojanBanker:Win32/Kryptik.33dd4a5e |
| K7GW | Trojan ( 0056625d1 ) |
| Cybereason | malicious.eac75f |
| Invincea | heuristic |
| Cyren | W32/Kryptik.BMM.gen!Eldorado |
| Symantec | Packed.Generic.459 |
| ESET-NOD32 | a variant of Win32/Kryptik.HEWP |
| APEX | Malicious |
| Paloalto | generic.ml |
| ClamAV | Win.Malware.Qbot-7768292-0 |
| GData | Trojan.Agent.EQDY |
| Kaspersky | HEUR:Trojan-Banker.Win32.Qbot.pef |
| BitDefender | Trojan.Agent.EQDY |
| NANO-Antivirus | Trojan.Win32.Inject3.hjzkun |
| AegisLab | Trojan.Win32.Eqdy.4!c |
| Avast | Win32:BankerX-gen [Trj] |
| Tencent | Malware.Win32.Gencirc.10b9ecf8 |
| Ad-Aware | Trojan.Agent.EQDY |
| Sophos | Mal/EncPk-APV |
| Comodo | TrojWare.Win32.Qbot.AS@8rff2f |
| F-Secure | Trojan.TR/AD.Qbot.fmbek |
| DrWeb | Trojan.Inject3.39574 |
| Zillya | Trojan.Kryptik.Win32.2017489 |
| TrendMicro | TROJ_GEN.R002C0DE620 |
| MaxSecure | Trojan.Malware.100850780.susgen |
| FireEye | Generic.mg.d6d06bcff9f39631 |
| Emsisoft | Trojan.Agent.EQDY (B) |
| SentinelOne | DFI - Malicious PE |
| F-Prot | W32/Kryptik.BMM.gen!Eldorado |
| Jiangmin | Trojan.Banker.Qbot.oh |
| Webroot | W32.Trojan.Gen |
| Avira | TR/AD.Qbot.fmbek |
| MAX | malware (ai score=85) |
| Antiy-AVL | Trojan[Banker]/Win32.Qbot |
| Endgame | malicious (high confidence) |
| Arcabit | Trojan.Agent.EQDY |
| ViRobot | Trojan.Win32.Z.Agent.2087936.H |
| ZoneAlarm | HEUR:Trojan-Banker.Win32.Qbot.pef |
| Microsoft | Trojan:Win32/Dridex.RAC!MTB |
| Cynet | Malicious (score: 90) |
| AhnLab-V3 | Malware/Win32.RL_Generic.R335416 |
| ALYac | Backdoor.QBot.gen |
No hosts contacted.
| Name | Response | Post-Analysis Lookup |
|---|---|---|
| time.windows.com |
A 20.189.79.72
CNAME time.microsoft.akadns.net |
|
| dns.msftncsi.com | AAAA fd3e:4f5a:5b81::1 | 131.107.255.255 |
| dns.msftncsi.com | A 131.107.255.255 | 131.107.255.255 |
| teredo.ipv6.microsoft.com | 127.0.0.1 |
No TCP connections recorded.
| Source | Source Port | Destination | Destination Port |
|---|---|---|---|
| 192.168.56.101 | 49713 | 114.114.114.114 | 53 |
| 192.168.56.101 | 50002 | 114.114.114.114 | 53 |
| 192.168.56.101 | 53657 | 114.114.114.114 | 53 |
| 192.168.56.101 | 57756 | 114.114.114.114 | 53 |
| 192.168.56.101 | 60384 | 114.114.114.114 | 53 |
| 192.168.56.101 | 137 | 192.168.56.255 | 137 |
| 192.168.56.101 | 138 | 192.168.56.255 | 138 |
| 192.168.56.101 | 123 | 20.189.79.72 time.windows.com | 123 |
| 192.168.56.101 | 49235 | 224.0.0.252 | 5355 |
| 192.168.56.101 | 50534 | 224.0.0.252 | 5355 |
| 192.168.56.101 | 51808 | 224.0.0.252 | 5355 |
| 192.168.56.101 | 51963 | 224.0.0.252 | 5355 |
| 192.168.56.101 | 56804 | 224.0.0.252 | 5355 |
| 192.168.56.101 | 57874 | 224.0.0.252 | 5355 |
| 192.168.56.101 | 62191 | 224.0.0.252 | 5355 |
| 192.168.56.101 | 62318 | 224.0.0.252 | 5355 |
| 192.168.56.101 | 63429 | 224.0.0.252 | 5355 |
| 192.168.56.101 | 1900 | 239.255.255.250 | 1900 |
| 192.168.56.101 | 49238 | 239.255.255.250 | 1900 |
| 192.168.56.101 | 53658 | 239.255.255.250 | 3702 |
No HTTP requests performed.
No ICMP traffic performed.
No IRC requests performed.
No Suricata Alerts
No Suricata TLS
No Snort Alerts